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EXAMINER'S AMENDMENT 

1. An examiner's amendment to the record appears below. Should the changes and/or 
additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 
1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the 
payment of the issue fee. 

2. Authorization for this examiner's amendment was given in a telephone interview with 
Albert S. Michalik (Reg. No. 37,395) on 3/10/06. 

3. The application has been amended as follows: 

• . Replace claims 1, 16, and 18 as follows: 

1 . In a computer-system, a method comprising: 

receiving a request via a process thread having a first memory map associated therewith; 

changing a privilege level to a level that allows a memory map change; 
• performing the memory map change to associate a second memory map with the process 
thread, the second memory map providing different memory access with respect to the first 
memory map; 

restoring the privilege level to a level that does not allow a memory map change ; and 
wherein the first and second memory maps each include a mapping that maps a virtual 
memory address to a physical memory address that is larger than the largest possible virtual 
memory address that an entity is allowed to address, wherein the first and second memory maps 
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each include a mapping that maps a virtual memory address to a physical memory address that is 
the same, wherein the virtual memory address that maps to a physical memory address that is 
larger is in user mode addressable space, and wherein the physical memory address that is the 
same is in kernel mode addressable space. 

16. The method of claim 14 wherein the object comprises a synchronization object. 

1 8. The method of claim 14 wherein the object comprises a thread. 

• Cancel claims 23-27 and 31. 



• Replace claim 32 as follows: 
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32. In a computing device, a system comprising: 
a process having at least one thread; 

a first memory map associated with the at least one thread and having data therein that 
maps virtual memory addresses to physical memory; 

a second memory map having data therein that maps virtual memory addresses to 
physical memory, the second memory map providing different memory access with respect to the 
first memory map; 

a protection mechanism, the protection mechanism configured to allow changing of a 
map; and 

trusted code, the trusted code configured to invoke the protection mechanism to change 
the at least one thread from being associated with the first map to be being associated with the 
second map, and wherein the trusted code further includes a function that performs at least one 
trust-privileged operation from among a set of trust-privileged operations, the set including: 
signaling a synchronization object, deleting a timer, and closing a handle. 

• Cancel claim 36. 

/ — 

• Replace claims 37-39, 41, and 43 as follows: 

37. The system of claim 32 wherein the function allocates memory to the process. 



38. 



The system of claim 32 wherein the function deallocates memory. 



Application/Control Number: 09/91 5,628 Page 5 

Art Unit: 2195 

39. The system of claim 32 wherein the function allocates an object. 



41 . The system of claim 39 wherein the object comprises a synchronization object. 



43. The system of claim 39 wherein the object comprises a thread. 



• Cancel claims 44-47. 



• Replace claim 64 as follows: 
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64. A computer-implemented method, comprising: 

associating first, second and third address maps with a process, wherein at least the 
second address map includes a mapping that maps a virtual address to a physical address that is 
larger than the largest possible virtual memory address and the third map includes a mapping that 
maps a virtual address to a physical address that is larger than the largest physical address 
mapped to by the second map; 

receiving a request from a thread of the process to change from the first address map to 
the second address map; 

changing the first address map to the second address map; md 
. using the mapping to access data at a physical memory location having a physical address 
that is larger than the largest possible virtual memory address; and v 

switching to the third map to access data at the physical address that is larger than the 
largest physical address mapped to by the second map. 

• Cancel claims 67 and 69-77. 

• Add the following new claims 78-98: 

78. In a computer-system, a method comprising: 

receiving a request via a process thread having a first memory map associated therewith; 
changing a privilege level to a level that allows a memory map change; 



Application/Control Number: 09/91 5,628 Page 7 

Art Unit: 2195 

performing the memory map change to associate a second memory map with the process 
thread, the second memory map providing different memory access with respect to the first 
memory map and accessing protected memory; 

restoring the privilege level to a level that does not allow a memory map change; 

executing trusted code while the second memory map is associated with the process 
thread, including entering at a predefined entry point a function that performs at least one trust- 
privileged operation from among a set of trust-privileged operations, the set including: signaling 
a synchronization object, deleting a timer, and closing a handle. 

79. The method of claim 78 wherein receiving a request comprises receiving an 
application programming interface call at an operating system component. 

80. The method of claim 78 wherein receiving a request comprises, receiving at an 
operating system a call from a kernel mode component. 

81. The method of claim 80 wherein the kernel mode component comprises an 
installable driver. 

82. The method of claim 78 wherein changing a privilege level comprises calling a 



call gate. 
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83. The method of claim 78 wherein changing a privilege level comprises changing to 
a ring 0 privilege level. 

84. The method of claim 78 wherein performing the map change comprises writing to 
a register. 

85. The method of claim 78 further comprising, performing a second map change to 
re-associate the first map with the process thread. 

86. The method of claim 78 wherein entering the function comprises making an 
application programming interface call. 

87. The method of claim 78 wherein the function allocates memory. 

88. The method of claim 78 wherein the function deallocates memory. 

89. The method of claim 78 wherein the function allocates an object. . 

90. The method of claim 89 wherein the object comprises an item of a set, the set 
comprising a handle, a synchronization object, a process and a thread. 
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91 . The method of claim 78 wherein the first and second memory maps each include 
a mapping that maps a virtual memory address to a physical memory address that is larger than 
the largest possible virtual memory address that an entity is allowed to address. 

92. The method of claim 91 wherein the virtual memory address that maps to a 
physical memory address that is larger is in user mode addressable space. 

93. The method of claim 91 wherein the first and second memory maps each include 
a mapping that maps a virtual memory address to a physical memory address that is the same. 

" 94. The method of claim 93 wherein the physical memory address that is the same is 
in kernel mode addressable space. 

95. The method of claim 91 wherein the first and second memory maps each include 
a mapping that maps a virtual memory address to a physical memory address that is the same, 
wherein the virtual memory address that maps to a physical memory address that is larger is in 
user mode addressable space, and wherein the physical memory address that is the same is in 
kernel mode addressable space. 

96. The method of claim 78 wherein the first and second memory maps each map a 
virtual memory address to a physical memory address that is common to both maps. 
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97. The method of claim 78 wherein the second map maps to memory that is invalid 
in the first map. 

98. The method of claim 78 wherein the second map maps to memory that has 
different access rights in the first map. 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Kenneth Tang whose telephone number is (571) 272-3772. The 
examiner can normally be reached on 8:30AM - 6:00PM, Every other Friday off 

. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Meng-Ai An can be reached on (571) 272-3756. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 



applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



Conclusion 
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